Thank you for your interest in our services and for the time spent on our website transferprivat.ro. As each visit on our website determines the processing of your data, please read the Privacy Policy in order to understand how your data will be processed and protected. The Privacy Policy elaborates the manner and the reasons for processing your personal data and offers information related to your rights. VIA AMG SRL ensures the protection of your personal data and takes all the necessary measures to ensure their security. Who are we? VIA AMG SRL, established in Motca, Iasi County, registered at the Romanian National Trade Register Office under the number J22/301/2011, VAT no. 28057546, processes personal data according to Regulation (EU) 2016/679 of the European Parliament and of Council of 27 April 2016 (General data protection regulation) and other legal provisions applicable to the processing of personal data. VIA AMG SRL acts as a controller, being registered at ANSPDCP Romania (the National Supervisory Authority for Personal Data Processing from Romania) under the number 10379. In order to data to be processed safely, all diligences are being taken for implementing reasonable measures in order to protect your personal data. We can be contacted at the following: Address: No. 4B Petre Andrei Street, 700494, Iasi County, Romania Phone: +40 752240 885 / +40 317 800 236 Website: http://www.transferprivat.ro Email: office@transferprivat.ro Data or categories of personal information processed by VIA AMG SRL When you visit our website, fill in the contact form, send a request for a service offer through email or contact us for another purpose, including when using another mean of communication, you give us your personal data that we collect such as, but not limited to:

• First name and last name;
• Contact information (email address, phone number);
• The institution that you represent;
• The position you have within the institution you represent.

We may collect data using cookies and similar technological mechanisms, such as:

• IP address;
• Internet browser
• Internet provider
• Location
• The pages you access on our website.

Our policy is to process only the personal data that is needed for the agreed purposes and we ask our clients to provide the personal data only where it is strictly necessary to carry out the specific activity of the transport company. The purposes of the processing of personal data VIA AMG SRL processes personal data, received directly from you or from other sources, for the following purposes:

• For concluding or performing a contract;
• For requesting, drafting or communication of a service offer;
• For replying to your questions and requests;
• For the purpose of marketing only with your given consent;
• For offering and perfecting the our services;
• For ensuring the necessary data security measures;
• For complying with the legislation;
• For ascertaining or claiming a right in court.

The legal bases and the lawfulness of processing The legal bases of processing take into account the provisions of the Regulation (EU) 2016/679 and the legislation regarding data processing adopted in Romania, as well as other normative acts applicable at national and European level. The processing is based on at least one of the following:

• processing may be based on your consent, in the situations expressly provided by the Regulation;
• processing may be necessary in order to conclude and/or perform a contract;
• processing may be necessary for compliance with a legal obligation to which the controller is subject;
• processing may be necessary for the performance of a task carried out in the public interest;
• processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, respectively: a) to manage our activity; b) to manage the risks related to our activity; c) to manage the interactivity with customers, potential customers or business partners, including but not limited to transmitting communications regarding information or offers referring to our services; d) to handle notifications/complaints regarding our services, in order to solve any issues that may arise or to improve our services; e) ascertaining, performing or defending a right in court.

How long do we keep your personal data? VIA AMG SRL will process your personal data for the period of time provided by law or for as long as it is necessary for the purpose for which it was collected. We store your personal data only for the period of time necessary for the purposes of processing, no longer than 5 years from the moment of the cessation of the contract or the last contact between the data subject and the controller. After the end of the processing period, the personal data will be deleted from our system or anonymized in order to be processed for scientific, historical research or statistical purposes. We ask you to take into account that, in certain expressly enacted situations, we store the data for the period of time provided by the law. In any situation, except those provided by the applicable legislation, we erase your personal data when you solicit the data erasure. The applicable exceptions will be communicated to the solicitor in our answer regarding the request to delete the information. Collecting data from minors    VIA AMG SRL does not knowingly solicit data from children under 18 years of age. By using our website, you represent that you are at least 18 years old or that you are the parent or the guardian of such minor and consent to the minor’s use of our website. If we learn that personal data from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under 18, please contact us at the provided contact information. Recipients or categories of recipients of personal data We can disclose your personal data, complying with the applicable law, to business partners or other third parties. We are continuously making reasonable efforts to ensure that these third parties have implemented appropriate safeguards and security measures. We have contractual conventions with these third parties so your data is protected. Where the law provides, we will inform you with regard to the identity of these entities before transmitting the data to them or within a reasonable period of time and we will ensure that any transfer is based on your consent or other legal basis. VIA AMG SRL may transmit, give access and/or disclose personal data mainly to the following categories of recipients:

• public authorities or entities (such as, but not limited to: fiscal authorities, judicial courts or other public authorities);
• business partners, service providers and/or processors that process personal data on behalf of the controller, in accordance to the means and purposes of processing determined by us, only if they comply with this Privacy Policy, the legislation regarding the protection of personal data and any other appropriate privacy and security measures (such as, but not limited to: telecommunications and IT service providers, accounting, legal services and other contracted third parties).

We will ensure that, within reasonable limits, your data will not be transferred outside the European Economic Area, yet, as long as we will transfer data to countries outside the EEA, we will ensure that in all cases that transfers be based on your explicit consent or any other legal basis. Your rights and how to exercise them Our company is responsible for facilitating the exercise of any of your personal rights listed below. In order to protect your personal data or to prevent the abuse of malicious third parties who would be seeking access to your data, VIA AMG SRL may require prior identification steps to ensure that you are the person exercising the rights, through a solicitation, before taking action on the basis of the request. If the data subject makes an electronic request for exercising their rights, the information will also be provided by us in an electronic form, where possible, unless the data subject requests a different format. If, as a result of the application of legal provisions, our company cannot, in whole or in part, respond to a request of the data subject, then the applicable exceptions will be communicated to the solicitor through the response submitted by us with regard to the issue. Right of access You have the right of access, respectively the right to obtain from the controller confirmation as to whether or not your personal data are being processed. When requested, the controller shall provide a copy for the personal data undergoing processing. Right to rectification You have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have the incomplete personal data completed, including by means of providing a supplementary statement. Right to erasure With the exceptions provided by the Regulation, you have the right to obtain from the controller the erasure of your personal data without undue delay where one of the following grounds applies:

1. the personal data are no longer necessary in relation to the purposes which they were collected or otherwise processed;
2. you withdraw your consent on which the processing is based exclusively on your consent and where there is no other legal ground for the processing;
3. you object to the processing for the purposes of performance of a task carried out in the public interest or the legitimate interest of the company and there are no overriding legitimate grounds for the processing;
4. the personal data have been unlawfully processed;
5. the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
6. other situations provided by the Regulation as long as they are applicable.

Right to restriction of processing   You have the right to obtain the restriction of processing in the situations expressly provided by the Regulation (for example, if you dispute the accuracy of the data, the restriction of processing will be granted for the period necessary to verify the contested data). Right to data portability      You have the right to receive the personal data concerning you that you provided to the controller, in a structured, commonly used and machine-readable and have the right to transit those data to another controller without hindrance from the controller, in the situations expressly provided by the Regulation. In exercising the right to data portability, the data can be directly transmitted to another controller expressly named by you where technical feasible. Right to object You have the right to object at any time to processing your personal data. In this case, the company will no longer process your personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. Where personal data are processed for direct marketing purposes, you have the right to oppose at any time to processing of personal data concerning you, which includes profiling to the extent that it is related to such direct marketing. Right to withdraw the consent Where the processing is based on your consent, you have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before withdrawal. The withdrawal of consent is not applicable where the legal basis of processing is not your consent. The withdrawal of your consent is made through a request that you can write/make and sent to VIA AMG SRL using any of the contact details provided in this Privacy Policy. Right to lodge a complaint If you wish to lodge a complaint with regard to the use of your personal data, please submit your complaint through any of the means of communication provided in this Privacy Policy at the contact details. Any complaint will be reviewed within a reasonable period of time and the complainant will receive a response from the controller within the legal period of time. You also have the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP from Romania). Consequences of the refusal to provide personal data If personal data are collected directly from you, we inform you that in generally you are not required to provide your personal information to the controller, except when providing data represents a legal or contractual obligation or this stage is necessary for the conclusion of a contract. Thus, insofar as you enter into a legal relationship with the controller or otherwise benefit from our services, providing personal data is necessary for honouring the obligations we are assuming as controller with regard to you or for providing our services. Do you have any questions or queries to exercise your rights? If you have questions or concerns about processing your personal data or wish to exercise the aforementioned rights, you can write to us at office@transferprivat.ro and we will respond as soon as possible.